package com.sname.car.security.SpringSecurity;

import com.sname.car.cache.CommonCacheUtil;
import com.sname.car.common.constants.Parameters;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * Created By  醉美柳舞之众星捧月
 *
 * @author songx
 * @date 2018/9/28 14:18
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * Author song  醉美柳舞之众星捧月
     * Date & Time  2018/9/28 14:31
     * Description  配置第一步 进行拦截
     */
    @Autowired
    private Parameters parameters;
    @Autowired
    private CommonCacheUtil commonCacheUtil;

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * 为验证拦截器设置AuthenticationManager (由于用了springboot注入方式)
     *
     * @return
     * @throws Exception
     */
    private RestPreAuthenticatedProcessingFilter getPreAuthenticatedProcessingFilter() throws Exception {
        RestPreAuthenticatedProcessingFilter filter = new RestPreAuthenticatedProcessingFilter();
        filter.setAuthenticationManager(this.authenticationManagerBean());
        return filter;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth.authenticationProvider(new RestAuthenticationProvider());
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        /** csrf跨站脚本攻击;关闭;由后端生成一个唯一标识 **/
        http.csrf().disable()
                /** 授权请求 **/
                .authorizeRequests()
                /**  匹配 ： 开放                  (下面这一句是,将 List<String> 转为 String)   **/
                .antMatchers(parameters.getNoneSecurityPath().toArray(new String[parameters.getNoneSecurityPath().size()])).permitAll()
                /** 其他请求全部验证 **/
                .anyRequest().authenticated()
                /** 并且 **/
                .and()
                /** session管理下的session是无状态的 **/
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .httpBasic()
                /** 添加自己配置的统一异常类 **/
                .authenticationEntryPoint(new RestAuthenticationEntryPoint())
                .and()
                /** 添加自己配置的过滤器 **/
                .addFilter(new RestPreAuthenticatedProcessingFilter());

    }
}
